Information Technology Reference
In-Depth Information
This objective covers how to:
■
Configure primary and secondary zones
■
Configure stub zones
■
Configure conditional forwards
■
Configure zone and conditional forward storage in Active Directory
■
Configure zone delegation
■
Configure zone transfer settings
■
Configure notify settings
A primary DNS zone is required for DNS functionality and name resolution of any domain
name. A primary DNS zone is both authoritative for the zone and the primary point of stor-
age for the zone. Secondary zones are not required and not authoritative, but are useful
to reduce network traffic and provide faster name resolution, especially when not using an
Active Directory-integrated primary zone.
Configuring primary DNS zones
Primary DNS zones can be both forward lookup zones and reverse lookup zones. The most
common use of a forward lookup zone is to translate a device name into the IP address that
is represented by that name. A reverse lookup zone is used to obtain the device name when
you only know the device's IP address.
The zone data can be hosted in AD DS or in a local file on the DNS server. If stored in a
local file, it is in the %windir%\System32\Dns directory on the DNS server. The file name is
zonename
.dns where
zonename
is the name of the DNS zone.
A forward lookup zone, such as treyresearch.net, is composed of records of the names
of devices in the treyresearch.net namespace and their corresponding IP addresses. If a
client computer wants to connect to trey-dc-02.treyresearch.net, it requests the IP address
for trey-dc-02 from the client's primary DNS server. If that server hosts the record, it replies
immediately. If it doesn't, it either forwards that request to a server on its forwarders list, or
looks up who the authoritative DNS server is for treyresearch.net and queries that server for
the information and then returns the answer to the client that asked for the information in the
first place.
A reverse lookup zone enables clients to look up the name of a device when all they
know is the IP address for the device. So if I want to know the computer associated with
